Transcription

8Ebook:THE AUTHORITATIVEGUIDE TO DNSTERMINOLOGYFrom A Record & DNS to Zones6036684998USA150 Dowdyn.comStreet, Manchester,[email protected] Street, Manchester, NH 03101 [email protected]

Your Master List of KeyDNS TermsAs more users and more online services (sites, microservices, connected“things,” etc.) join the global internet, the scale, complexity and volatility ofthat internet are also on the rise. Modern DNS is reemerging as a powerfultool for commercial internet infrastructure that puts control back in thehands of IT leaders.The foundation of the Domain Name System or DNS, a distributed internetdatabase that maps human-readable names to IP addresses, allows peopleto reach the correct online service (website, application, etc.) when enteringURL. For example, the domain name dyn.com translates to the IP addressof 199.180.184.220.Because DNS is the first step in the process of reaching online assets, italso provides an ideal “location” in the network to make decisions aboutwhere to send certain traffic. This is particularly useful as more organizationsadopt cloud or use CDNs to optimize content delivery, spawning hybridenvironments. DNS, particularly when coupled with intelligence about thosedestination endpoints and the network path between them, can help getthe right user to the right asset, improving performance, reachability ofthose assets, and security posture.Dyn has been in the managed DNS business for over 10 years (andpioneered Dynamic DNS before that), so the DNS terms in this guide arecommonly heard around the proverbial water coolers at Dyn, but we realizethey can be a bit arcane despite the importance of DNS.That’s why we’ve assembled this DNS Terminology Guide as your reference.We hope you’ll find it helpful.page [email protected] of Contents3A Record — Auth code2Authoritative Nameserver — DDoS2DDNS — Endpoint2GSLB — Primary DNS2PTR Records — Tracerout2Traffic Director – Zone

Ebook The Authoritative Guide to DNS TerminologyA Record: Points a hostname to an IPv4 address.AAAA Records: Points a hostname to an IPv6 address.Active Failover: Active Failover enables your online services to stay up andrunning – all while making the experience a seamless one for your visitors.When an outage is detected, your traffic is automatically re-routed to analternate endpoint that you have pre-configured.Primary Server(Outage)QueryQueryRe-routedResponseEnd UserRecursiveServerDynSecondary Server(Live)Anycast: Anycast networks provide a one-to-many relationship betweenIP addresses and their associated nameservers. Anycast networks protectavailability, achieving high redundancy and reducing risk of serviceinterruption by distributing DNS service for each IP address across multiplenameservers strategically placed throughout the world. Anycast providesredundancy while reducing DNS query latency.Auth Code: The “auth code” (sometimes called an “EPP code” or a“transfer code”) is a string, usually between 8 and 16 characters long andrandomly created at the time of a domain’s registration, used to authorizetransfers in certain Top Level Domains. The auth code provides an extralayer of security over the normal transfer request procedures.Authoritative Nameserver: A nameserver which has been configuredto provide answers for a specific domain, rather than simply getting andcaching data about domains from other nameservers.Autonomous System (AS): A collection of connected Internet Protocol (IP)routing prefixes under the control of one or more network operators onbehalf of a single administrative entity or domain that presents a common,clearly defined routing policy to the Internet.page [email protected]

Ebook The Authoritative Guide to DNS TerminologyBorder Gateway Protocol: BGP performs routing between multipleautonomous systems (domains) by finding the best path.available resources (bandwidth, memory, processing power, etc),making it unavailable to respond to legitimate users.Cache: Caching refers to a process where Recursive DNS serversremember the results of a DNS query for the time specified in the TTL(Time to Live). This reduces DNS query traffic as the Recursive DNSserver already knows the answer. Once the TTL expires, the answer isremoved from the cache.DDNS (Dynamic DNS): DDNS is used mainly by home users to senddynamic IP address updates to a static hostname.CDN: A Content Delivery Network is a network of servers that servescontent to end users from the closest node for the fastest load time.Companies are increasingly using CDNs to push rich content likestreaming video and games closer to the user. Recently, the use of amulti-CDN strategy has emerged to improve performance to specificmarkets and ensure the best price-to-performance ratio.Delegation: Delegation, as a verb (see delegate), is the process ofdesignating the nameservers for a domain. As a noun, it refers to theset of nameservers where a domain has been delegated.CNAME: A CNAME is a special type of DNS record used to create analias from one hostname to another. For example: www.dyn.com is aCNAME to dyn.com This means that someone accessing www.dyn.comwill be pointed to the same IP address that dyn.com points to. This isuseful so that when your IP address changes, you only have to updatedyn.com’s entry and then www.dyn.com will automatically point to theright place.Cut Node: Cut nodes allow you to keep the DNS for your zone withyour current DNS provider, but point or cut a specific node over toDyn’s nameservers, allowing you to use one of our advanced features.Data Center: Data centers house servers, computer systems, andother telecommunication components, usually with redundant powerand special security measures. They are designed to withstand majornatural and man-made disasters. Data centers are generally managedby a company’s IT department to support “on-premises” deployment ofapplications using their own infrastructure (vs. cloud deployment).DDoS: Distributed Denial of Service is an attack when multiple systemsare used to flood servers with traffic in an attempt to overwhelm itspage [email protected]: To specify in DNS which nameservers handle a specificdomain or subdomain. See delegation.DNS: DNS (the Domain Name System) provides mapping of hostnamesto IP addresses and back again. It’s akin to translating latitude andlongitude into a postal address. DNS is a foundational component ofIPM, increasing in strategic importance as the scale, complexity andvolatility of the internet increase.DNS Client: Also known as a DNS resolver, a DNS client is the systemthat makes a DNS request (e.g. your computer, smart phone, an ATM).DNS Query: A request a client sends to a DNS server to resolve the IPaddress for a domain name or hostname.DNSSEC: DNSSEC is the act of adding special signatures to the root,TLD, and authoritative nameservers for your zone to establish a chainof trust. DNSSEC enabled zones ensure that the answer to a DNS queryhas not been tampered with.Dynamic Steering: Internet routing that utilizes DNS to make routechanges autonomous of operator control based on real-time internetperformance or other, pre-determined policies.Endpoint: The target location for the client - IP address or CNAME.

Ebook The Authoritative Guide to DNS TerminologyForward Lookup: A forward lookup is when you use a hostname (domainname) to find an IP address. Find out your IP address at:http://checkip.dyn.com/Fully Qualified Domain Name: A fully qualified domain name is a completehostname, like that which you would use when connecting to a server on theInternet. Fully qualified hostnames must be used when updating with a client,e.g.,(if your hostname is “myhost.dnsalias.net”, you must provide that entirehostname to the client, not simply “myhost”.)Hijacking: IP hijacking (sometimes referred to as BGP hijacking, prefixhijacking or route hijacking) is the illegitimate takeover of groups of IPaddresses by corrupting Internet routing tables.GSLB: Global Server Load Balancing responds to DNS requests by directingtraffic using the best performing server in a geographic region. The valueof GSLB has increased with the rise in distributed online applications andservices. It has also evolved to embrace predictive, intelligent routing basedon real-time internet conditions.Hostname: See NodeIPv6 has arrived.IP Address: An IP address is how computers all over the Internet findeach other. It is similar to your street address, except it is for computers.IPv4 addresses look like 207.127.235.88. IPv6 addresses look something likefe80::216:3eff:fe1e:c440. It is often hard to remember numbers, and theycertainly don’t tell you very much about a computer. That is why we providealiasing services. IP addresses can be static or dynamic.Internet Protocol Version 4(IPv4) was the first publiclyused version of the InternetProtocol in 1981. Due toIPv4 address exhaustion, theIPv6 system was created &is being integrated.ISP: Internet Service Providers are those providing their customers accessto the Internet. ISPs provide the onramp to the internet for both users andservice providers.Iterative Query: An iterative query commonly takes place when a nameserver gives another nameserver the best answer it has for an IP query. Anexample of which is when a server asks root the location of example.com, theroot responds with the best answer it can to the .com nameserver.page [email protected]

Ebook The Authoritative Guide to DNS TerminologyLatency: Latency is the length of a delay that end users experiencewhen trying to access content.Load Balancing: Load balancing is used to distribute your traffic overseveral servers, resulting in increased reliability and efficiencyNameserver: A nameserver is a server which has been set up to answerDNS queries, and provide information about a certain set of domains.Node: A node in our context is a DNS label. The parts of a domainbetween the dots. A Node can also refer to a subdomain.PoP: A Point of Presence is the physical location of a server,data center, etc.Primary DNS: The DNS provider with control of zone file modification.Primary DNS is generally the first responder to DNS queries and is oftencomplemented by Secondary DNS for redundancy and performanceconsiderations.PTR Records: PTR records are a reverse lookup for an A record. Due tothe nature of DNS and the way reverse lookups work, PTR records canonly be controlled by your ISP.QPS: Queries Per Second is the measurement used in DNS to recordhow many queries a DNS server is receiving.Recursive DNS: Recursive DNS is typically supplied by an ISP and is theserver to which a DNS client makes its initial query. Once the recursiveserver receives the correct information about an IP address from othernameservers, the recursive server will cache the information.Redundancy: Redundancy is having more than one server available. Inthe situation of a failure, a redundant server can be used as a backup.Reverse Lookup: Looking up an IP address to retrieve a hostname.page [email protected]: The root servers arenameservers that all othernameservers on the Internetknow about, and contain verybasic information about theDNS system, which will leadother servers along the pathto finding specific informationabout a host.Global Root Server LocationsRound Robin: A method used to distribute server load evenly acrossmultiple servers.Secondary DNS: Secondary DNS provides parallel DNS serverfunctions for the primary DNS Server and shares its workload. Aread-only copy of the zone stays in sync with the master or primaryDNS server and works in an “active-active” mode whereby the firstand fastest DNS “wins” the query. Employing multiple DNS networksincreases the resiliency of this critical service.SoA Record: Start of Authority record indicates the DNS server withthe best source of information in a zone along with some basic zoneconfiguration settings. It has the most authority to make changes inthe domain or answer questions.TLD: Top Level Domain - .com, .net, .org, etc.Traceroute: A diagnostic tool for displaying the route (path) andmeasuring transit delays of packets across an Internet Protocol(IP) network.Traffic Director: An advanced service that integrates geographic loadbalancing with monitoring and failover features.Transit: The service of allowing network traffic to cross or “transit”a computer network, usually used to connect a smaller ISP to thelarger internet.

Ebook The Authoritative Guide to DNS TerminologyTTL: TTL is the amount of time in seconds that a DNS record will becached by an outside DNS server.TXT Records: TXT records are used to store information. Common usesinclude SPF, DKIM, etc.Unicast: A DNS network topology in which there is only one respondingserver. Unicast is more susceptible to downtime/outage and generallyperforms DNS resolution with more latency vs. anycast DNS networks.Zone: A portion of the DNS namespace that has been divided up formore granular administration of DNS. Zones hold DNS records thatcontain mapping information.Learn more – Visit: dyn.com/dnspage [email protected]

8RethinkDNS.Oracle Dyn is global business unit (GBU) focused on critical cloud infrastructure.Dyn is a pioneer in DNS and a leader in cloud-based infrastructure thatconnects users with digital content and experiences across a global internet.Dyn’s solution is powered by a global network that drives 40 billion trafficoptimization decisions daily for more than 3,500 enterprise customers,including preeminent digital brands such as Netflix, Twitter, LinkedIn andCNBC. Adding Dyn’s best-in-class DNS and email services extend the Oraclecloud computing platform and provides enterprise customers with a one-stopshop for infrastructure as a service (IaaS) and platform as a service (PaaS).Copyright 2015, Oracle and/or its affiliates. All rights reaserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates.Other names may be trademarks of their respective owners. 10106036684998USA150 Dowdyn.comStreet, Manchester,[email protected] Street, Manchester, NH 03101 [email protected]

Round Robin: A method used to distribute server load evenly across multiple servers. Secondary DNS: Secondary DNS provides parallel DNS server functions for the primary DNS Server and shares its workload. A read-only copy of the zone stays in sync with the master or primary DNS serv